package com.example.hotelsystem.config;


import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;


import com.example.hotelsystem.entity.Power;
import com.example.hotelsystem.entity.RolePower;
import com.example.hotelsystem.entity.User;
import com.example.hotelsystem.entity.UserRole;
import com.example.hotelsystem.service.PowerService;
import com.example.hotelsystem.service.RolePowerService;
import com.example.hotelsystem.service.UserService;
import com.example.hotelsystem.service.UserRoleService;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

import java.util.List;


@Component("myRealm")
public class UserRealm extends AuthorizingRealm {


    @Autowired
    UserService userService;

    @Autowired
    UserRoleService UserRoleService;

    @Autowired
    RolePowerService RolePowerService;

    @Autowired
    PowerService powerService;

    @Override
    public String getName() {
        return "myRealm";
    }


    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        System.out.println("执行了=>授权doGetAuthorizationInfo");

        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();

//        info.addStringPermission("user");
        //获取当前登录的对象
        Subject subject = SecurityUtils.getSubject();

        User currentUser = (User) subject.getPrincipal();


        QueryWrapper<UserRole> queryWrapper = new QueryWrapper<>();
        queryWrapper.eq("user_id",currentUser.getId());
        UserRole UserRole = UserRoleService.getOne(queryWrapper);

        QueryWrapper<RolePower> queryWrapper2 = new QueryWrapper<>();
        queryWrapper2.eq("role_id",UserRole.getId());
        List<RolePower> list = RolePowerService.list(queryWrapper2);

        for(RolePower RolePower:list){
            QueryWrapper<Power> queryWrapper3 = new QueryWrapper<>();
            queryWrapper3.eq("id",RolePower .getPowerId());
            Power power = powerService.getOne(queryWrapper3);
            info.addStringPermission(power.getPowerName());
        }
        //设置当前用户权限

        return info;
    }

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        System.out.println("执行了=>认证doGetAuthenticationInfo");



        UsernamePasswordToken userToken = (UsernamePasswordToken) token;

        //从token中取到用户名再去查用户密码
        QueryWrapper<User> queryWrapper = new QueryWrapper<>();
        queryWrapper.eq("username",userToken.getUsername());
        User user = userService.getOne(queryWrapper);

        System.out.println("------------------"+userToken.getUsername()+"------------------------");

        if (user == null){
            return null;
        }


        Subject currentSubject = SecurityUtils.getSubject();
//        Session session = currentSubject.getSession();
//        session.setAttribute("loginUser",user);

        SecurityUtils.getSubject().getSession().setTimeout(1800000);
        return new SimpleAuthenticationInfo(user,user.getPassword(),"");
    }
}
